TLS 1.2 for older android versions#1551
Open
nlevi-dev wants to merge 1 commit intomoonlight-stream:masterfrom
Open
TLS 1.2 for older android versions#1551nlevi-dev wants to merge 1 commit intomoonlight-stream:masterfrom
nlevi-dev wants to merge 1 commit intomoonlight-stream:masterfrom
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR addresses handshake failures on older Android devices (5.0–5.1.x) when connecting to Sunshine/Moonlight. The issue is caused by Android 5’s outdated TLS stack, which does not fully support TLS 1.2. Modern Sunshine servers require TLS 1.2, and legacy protocols like TLS 1.0 or 1.1 are no longer supported or secure, so server-side changes are not a safe option.
The fix adds Conscrypt as a client-side TLS provider and configures Moonlight to use it for secure connections. Conscrypt provides full TLS 1.2 support on Android 5 devices, ensuring the handshake completes successfully without lowering server security. This patch is entirely client-side and does not affect newer Android versions or server configurations.
Tested on a Samsung P600 running Android 5.1.1, the patch allows pairing and streaming with Sunshine. It works alongside modern devices and preserves compatibility with existing TLS configurations. This ensures older devices remain supported without compromising security for other users.
Fixes these bugs:
#1228
#1300